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I . General Remarks Concerning This Response 

Claims 1-25 are currently pending in the present 
application. No claims have been amended, added, or canceled. 
Reconsideration of the claims is requested. 
5 It should be noted that the Office action states (both in 

section 6 and on the PTQ-326 Office Action Summary form) that 
claims 10-25 are allowable. However, the Office action also 
includes a rejection of claims 1, 6-10, 17, 18, and 20-25 under 
double patenting. Thus, it is unclear whether claims 10, 17, 18, 
10 and 20-25 are allowed or rejected. Applicant argues against the 

double patenting rejection and assumes that the claims are 
re j ected . 

II . Summary of Present Invention 

15 A method of enabling a proxy to participate in a secure 

communication between a client and a server. The method begins 
by establishing a first secure session between the client and the 
proxy. Upon verifying the first secure session, the method 
continues by establishing a second secure session between the 

20 client and the proxy. In the second secure session, the client 

requests the proxy to act as a conduit to the server. 
Thereafter, the client and the server negotiate a session master 
secret. Using the first secure session, this session master 
secret is then provided by the client to the proxy to enable the 

25 proxy to participate in secure communications between the client 

and the server. After receiving the session master secret, the 
proxy generates cryptographic information that enables it to 
provide a given service (e.g., transcoding, monitoring, 
encryption/decryption, caching, or the like) on the client's 

30 behalf and without the server's knowledge or participation. The 

first secure session is maintained between the client and the 
proxy during such communications. 
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Ill . 35 U.S.C. § 101-Double Patenting 

The Office action has rejected claims 1, 6-10, 17, 18, and 
20-25 of the present patent application in an obviousness- type 
double patenting rejection over claims 1, 6-10, 17, 18, and 20-25 
5 of Bellwood et al . , U.S. Patent Number 6,584,567 Bl, issued 

06/24/2003, which is also assigned to IBM and has a common 
co-inventor with the present application. As an initial issue, 
Applicant notes that the citation of the same claim numbers in 
the patent cannot be correct. In any case, this rejection is 
10 respectfully traversed. 

MPEP § 804 states the following: 

Since the analysis employed in an obviousness- type 
double patenting determination parallels the guidelines for 
a 35 U.S.C. 103(a) rejection, the factual inquiries set 
15 forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 

(1966) , that are applied for establishing a background for 
determining obviousness under 35 U^S.C. 103 are employed 
when making an obviousness- type double patenting analysis. 

20 Any obviousness -type double patenting rejection should 

make clear: 

(A) The differences between the inventions defined by 
the conflicting claims -- a claim in the patent compared to 
a claim in the application; and 
25 (B) The reasons why a person of ordinary skill in the 

art would conclude that the invention defined in the claim 
in issue is an obvious variation of the invention defined in 
a claim in the patent. 

30 The claims in the present patent application and the issued 

patent clearly differ from each other. As is apparent by a 
comparison of the claims in the present application and the 
issued patent, all of the independent claims in the issued patent 
contain additional subject matter concerning the use of the proxy 

35 between the client and multiple servers; this additional feature 

is not present in any of the independent claims nor dependent 
claims of the present application. However, the Office action 
merely points to Bellwood et al . without providing any argument 
about the differences between the present application and the 
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issued patent. More importantly, the rejection does not provide 
the reasons why a person of ordinary skill in the art would 
conclude that the invention defined in the claim in issue is an 
obvious variation of the invention defined in a claim in the 
5 patent, as is required by a proper obviousness -type double 

patenting rejection. The onus is on the Patent Office for 
explaining the reasoning behind the rejection; without any 
reasoning against which to argue, Applicant cannot provide any 
arguments against the hypothetical reasoning. Applicant requests 
10 the withdrawal of the double patenting rejection. 

IV. 35 U.S.C. § 103 (a)-Obviousness-Vu in view of Raivisto 

The Office action has rejected claim 1 (and possibly 6-9) 
under 35 U.S.C. § 103(a) as unpatentable over Vu, "Apparatus and 

15 method for providing a secure gateway for communication and data 

exchanges between networks", U.S. Patent No. 5,623,601, filed 
11/21/1994, issued 04/22/1997, in view of Raivisto, "Method of 
implementing connection security in a wireless network", U.S. 
Patent Number 6,081,601, filed 01/27/1998, issued 06/27/2000. 

20 This rejection is respectfully traversed. 

The Office action contains a statement of the grounds of 
rejection for claim 1 and only claim 1 on page 2 of the Office 
action. The rejection of claim 1 continues onto page 3. 
However, on pages 3 and 4, the Office action appears to argue 

25 that claims 6-9 are also rejected, supposedly in view of Vu and 

Raivisto. However, claims 6-9 are not recited within the grounds 
of the rejection. It is assumed that claims 6-9 are also 
rejected under the obviousness rejection that includes claim 1. 

The rejection of claims 6-9 merely points out the fact that 

30 Vu discloses various network protocols, such as SSL, or a 

pervasive network client. Because claims 6-9 depend from claim 
1, the rejection of claims 6-9 also includes the deficiencies of 
the rejection of claim 1, as argued hereinbelow. 
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The beginning of the rejection of independent claim 1 
states: 

As per claim 1, Vu discloses establishing a first 
. secure connection between the client and the proxy (gateway 
5 station 14). Vu discloses that upon verifying the first 

secure session, establishing a second secure session between 
the client and the proxy (gateway station 14), the second 
secure session requesting the proxy to act as a conduit to 
the server [column 8 lines 54-64] . 
10 Vu does not teach having the client and the server 

negotiate a session master secret and delivering the session 
master secret to the proxy using the first secure session to 
enable the proxy to participate in the secure communication 
[column 4 line 54 to column 5 line 14] . 

15 

Vu clearly does not disclose some of the claimed features of 
the present invention, notwithstanding the arguments presented by 
the rejection. The portion of Vu that is cited by the rejection 
but not applied against the claims (column 4, line 54 to column 
20 5, line 14) appears to have been mentioned merely for support of 

the fact that Vu provides some disclosure of a secure 
communication. The portion of Vu that is cited by the rejection 
and applied against the claims, column 8, lines 54-64, reads as 
follows : 

25 As will be explained below in detail, the process then 

authenticates the client's authorization to access the 
requested service and if the client 16 is determined to have 
the required authorization, the gateway station 14 initiates 
a second communication process 19 with the remote host 46 in 

30 which the gateway station 14 simulates the client 16 without 

revealing the client address. Once the two communication 
sessions 17, 19 are operative, communication is effected 
between the client 16 and the host 46 by passing 
communication data between the two interdependent 

35 communication sessions. 

According to the rejection, the gateway in Vu is analogous 
to the proxy in the present application. The rejection states 
that Vu discloses at col. 8, lines 54-64, that there are two 
40 communication sessions between the client and the gateway, but Vu 

does not disclose this. Vu discloses two communication sessions: 
one between the host server and the gateway and the other session 
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between the gateway and the client. The cited portion of Vu 
refers to FIG. 4, which clearly shows a communication session 
(element 17) between the client (16) and the gateway/proxy (14) 
and a communication session (19) between the gateway/proxy (14) 
5 and external entities which route the data to the host (46) . 

Thus, in Vu, the gateway acts as an intermediary between the 
host and the client, and the client and the gateway communicate 
only through one communication session, whereas in the present 
invention, the client and the proxy communicate through two 
10 communication sessions. Independent claim 1 reads in its 

entirety : 

1. A method of enabling a proxy to participate in a secure 
communication between a client and a server, comprising the 
step of: 

15 establishing a first secure session between the client 

and the proxy; 

upon verifying the first secure session, establishing a 
second secure session between the client and the proxy, the 
second secure session requesting the proxy to act as a 
20 conduit to the server; 

having the client and the server negotiate a session 
master secret; and 

delivering the session master secret to the proxy using 
the first secure session to enable the proxy to participate 
25 in the secure communication. 

In the present application, after establishing a first 
communication session between the client and the proxy, the 
client then establishes a second communication session between 

30 the client and the proxy. The second communication session is 

established through the proxy such that the proxy acts as a 
conduit or tunnel. For this second communication session, the 
proxy merely transfers the content between the client and the 
server, and the proxy does not actively process the content, such 

35 as transcoding the content or some other function. After the 

client obtains a session master secret from the server through 
the second communication session, the client transfers the 
session master secret to the proxy using the first communication 
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session, after which the client communicates with the server 
through the first communication session. The proxy and the 
client maintain the first secure session, and the server is 
unaware that it is communicating with the proxy using the session 
5 . master secret rather than the client; in a typical, prior art 

case, the server would communicate directly with the client using 
the session master secret. With the present invention, the proxy 
performs its active processing, such as transcoding content, with 
the message traffic through the first communication session. In 

10 addition, the entire communication channel remains secure with 

the server unaware that the proxy is acting as an intermediary 
between the client and the server. 

Hence, the rejection of claim 1 contains a fundamental flaw 
in that it argues that Vu discloses two communications sessions 

15 between the proxy (gateway station in Vu) and the client, but 

this is incorrect. The rejection then proceeds to rely on 
Raivisto to remedy another deficiency in Vu with respect to the 
secure characteristic of the communication sessions in claim 1. 
However, Raivisto clearly discloses a similar arrangement of 

20 communication elements. 

Moreover, the rejection does not provide any argument as to 

the manner in which Raivisto discloses any elements of the 

present invention. The rejection states on p. 3, paragraph 1: 

Raivisto teaches a client and a server negotiate a 
25 session master secret and delivering the session master 

secret to the proxy using the first secure session to enable 
the proxy to participate. 

In other words, the rejection merely states that Raivisto 
30 discloses the fourth element of claim 1 without providing any 

indication of the portions of Raivisto that disclose the claimed 
feature. Applicant argues that the lack of support in the 
rejection for the rejection's argument mirrors the lack of 
disclosure in Raivisto of the claimed feature. 
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Furthermore, the hypothetical combination of Vu and Raivisto 
apparently is attempting to argue, without explicitly saying so, 
that an analogy can be made between the proxy of the present 
invention and the mediator of Raivisto , but it does not explain 
5 how the prior art shows two communication sessions between, a 

terminal/client and a mediator/gateway /proxy as claimed in the 
present invention . 

In other words, the combination of Raivisto with Vu does not 
remedy the most prominent deficiency in Vu because the basic 

10 configuration of Raivisto is similar to Vu. In Raivisto , the 

mediator acts as an intermediary between two terminals; this 
configuration is analogous to the gateway acting as an 
intermediary between the host and the client in Vu or the proxy 
acting as an intermediary between the server and the client in 

15 the present invention. However, Raivisto does not disclose two 

communication sessions between a single terminal and the 
mediator, as would be necessary before Raivisto can begin to 
disclose the claimed features of the present invention concerning 
two secure communication sessions between a client and a proxy. 

20 The motivational statement in the rejection fails to provide 

any argument for combining the teachings of the two prior art 

references, much less a convincing argument. The first portion 

of the motivational statement states: 

Therefore it would have been obvious to a person having 
25 ordinary skill in the art at the time the invention was made 

to have modified Vu so that a first secure connection would 
have been made between a client and a proxy. A second 
connection would have been made between a client and a proxy 
that enables the proxy to act as a conduit to the server. 
30 Secret keys would have been established [sic] the proxy and 

the client and the proxy and the server. 

This portion of the motivation statement merely echoes the 
claimed elements of the present application; there is no argument 
35 about any suggestion or motivating factor in the prior art as to 

why one would have performed these modifications. Since the 
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rejection merely echoes the claimed elements, the rejection 
clearly uses improper hindsight in employing the teachings of the 
present application against the claims in the present 
application . 

5 The second portion of the motivational statement states: 

It would have been obvious so to a person having 
ordinary skill in the art at the time the invention was made 
to have modified Vu by the teaching of Raivisto because the 
management of keys and other parameters needed for 

10 connection security is simple and secure. When applying 

this method, only a few security parameters need to be 
stored at mobile terminals. Another advantage of the method 
according to the invention in that mobile terminals using 
incompatible security algorithms and/or security layer 

15 protocols can communicate with each other with the 

connection security provided [column 3, lines 50-61]. 

The mentioning of the advantage of simple and secure management 
of keys and parameters is completely generic; this statement 

20 could have been used for numerous cryptographic systems. The 

mentioning of mobile terminals is also, irrelevant; while it may 
be true, there is nothing specific about the use of mobile 
terminals that would have specifically motivated someone to 
construct a system as claimed in the present application. The 

25 motivational statement does not provide any nexus between the 

features of Vu and the features of Raivisto and why or how the 
integration of hypothetical features between the two systems 
could be accomplished to form the claimed features of the present 
application. 

30 

Examiner bears the burden of establishing a yrima facie case 
of obviousness.. 

The examiner bears the burden of establishing a prima facie 
case of obviousness based on the prior art when rejecting claims 
35 under 35 U.S.C. § 103. In re Fritch, 972 F.2d 1260, 23 

U.S.P.Q.2d 1780 (Fed. Cir. 1992) . Only when a prima facie case 
of obviousness is established does the burden shift to the 



Page 9 
Lita et al. - 09/282,633 



applicant to produce evidence of nonobviousness . In re Oetiker, 
977 F.2d 1443, 1445, 24 U.S.P.Q.2d 1443, 1444 (Fed. Cir. 1992); 
In re Rijckaert, 9 F.3d 1531, 1532, 28 U.S.P.Q.2d 1955, 1956 
(Fed. Cir. 1993) . If the Patent Office does not produce a prima 
5 facie case of unpatentability, then without more the applicant is 

entitled to the grant of a patent. In re Oetiker, 977 F.2d 1443, 
1445, 24 U.S.P.Q.2d 1443, 1444 (Fed. Cir. 1992); In re Grabiak, 
769 F.2d 729, 733, 226 U.S.P.Q. 870, 873 (Fed. Cir. 1985). In 
response to an assertion of obviousness by the Patent Office, the 
10 applicant may attack the Patent Office's prima facie determin- 

ation as improperly made out, present objective evidence tending 
to support a conclusion of nonobviousness, or both. In re 
Fritch, 972 F.2d 1260, 1265, 23 U.S.P.Q. 2d 1780, 1783 (Fed. Cir. 
1992) . 

15 With respect to claims 1 and 6-9, Vu in view of Raivisto 

does not disclose the claimed invention nor provide any 
suggestion to motivate one having ordinary skill in the art to 
modify the prior art to reach the claimed invention. In fact, 
the rejection appears to disregard entire claim elements without 

20 justification. In general, the rejection does not point out the 

necessary teachings, suggestions, or incentives to reach the 
claimed invention. Hence, the rejection of claims 1 and 6-9 does 
not establish a prima facie case of obviousness based on the 
prior art. Therefore, the rejection of claims 1 and 6-9 under 35 

25 U.S.C. § 103(a) has been shown to be insupportable, and this 

claim is patentable over the applied prior art. Applicant 
requests the withdrawal of the rejection. 

V, Conclusion 

30 It is respectfully urged that the present patent application 

is patentable, and Applicant kindly requests a Notice of 
Allowance . 
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For any other outstanding matters or issues, the examiner 
urged to call or fax the below-listed telephone numbers to 
expedite the prosecution and examination of this application. 



DATE: 



August 18, 2004 



Respectfully submitted, 




Josepii R. Burwell 
Reg. No. 44,468 
ATTORNEY FOR APPLICANT 

Law Office of Joseph R. Burwell 

P.O. Box 28022 

Austin, Texas 78755-8022 

Voice: 866-728-3688 ( 86 6 - PATENT 8 ) 

Fax: 866-728-3680 ( 8 66 - PATENT0 ) 

Email : joe@burwell . biz 
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